DPDK patches and discussions
 help / color / mirror / Atom feed
From: Igor Russkikh <Igor.Russkikh@aquantia.com>
To: "dev@dpdk.org" <dev@dpdk.org>
Cc: "ferruh.yigit@intel.com" <ferruh.yigit@intel.com>,
	"thomas@monjalon.net" <thomas@monjalon.net>,
	"arybchenko@solarflare.com" <arybchenko@solarflare.com>,
	"konstantin.ananyev@intel.com" <konstantin.ananyev@intel.com>,
	Pavel Belous <Pavel.Belous@aquantia.com>,
	Igor Russkikh <Igor.Russkikh@aquantia.com>
Subject: [dpdk-dev] [PATCH v3 1/6] net/atlantic: macsec hardware structures declaration
Date: Thu, 18 Apr 2019 11:39:48 +0000	[thread overview]
Message-ID: <85a9511657c50db1d9767bcd73022f7092cad0a5.1555587238.git.igor.russkikh@aquantia.com> (raw)
Message-ID: <20190418113948.Z0jkWluaTS1u_PFF5e48fLl1PQL50oiVfmvhapsoMIM@z> (raw)
In-Reply-To: <cover.1555587238.git.igor.russkikh@aquantia.com>

From: Pavel Belous <pavel.belous@aquantia.com>

Here we define hardware and software configuration structures
for macsec interface. MACSEC itself is implemented in Phy module,
but its configuration is done via firmware interface

Signed-off-by: Pavel Belous <pavel.belous@aquantia.com>
Signed-off-by: Igor Russkikh <igor.russkikh@aquantia.com>
---
 drivers/net/atlantic/atl_types.h           |  37 ++++++
 drivers/net/atlantic/hw_atl/hw_atl_utils.h | 148 +++++++++++++++++++++
 2 files changed, 185 insertions(+)

diff --git a/drivers/net/atlantic/atl_types.h b/drivers/net/atlantic/atl_types.h
index 3edaf0c7c047..3cc9e96089e8 100644
--- a/drivers/net/atlantic/atl_types.h
+++ b/drivers/net/atlantic/atl_types.h
@@ -59,6 +59,39 @@ struct aq_rss_parameters {
 	u8 indirection_table[HW_ATL_B0_RSS_REDIRECTION_MAX];
 };
 
+/* Macsec stuff */
+struct aq_macsec_config {
+	struct {
+		u32 macsec_enabled;
+		u32 encryption_enabled;
+		u32 replay_protection_enabled;
+	} common;
+
+	struct {
+		u32 idx;
+		u32 mac[2]; /* 6 bytes */
+	} txsc;
+
+	struct {
+		u32 idx;
+		u32 an; /* association number on the local side */
+		u32 pn; /* packet number on the local side */
+		u32 key[4]; /* 128 bit key */
+	} txsa;
+
+	struct {
+		u32 mac[2]; /* 6 bytes */
+		u32 pi;
+	} rxsc;
+
+	struct {
+		u32 idx;
+		u32 an; /* association number on the remote side */
+		u32 pn; /* packet number on the remote side */
+		u32 key[4]; /* 128 bit key */
+	} rxsa;
+};
+
 struct aq_hw_cfg_s {
 	bool is_lro;
 	bool is_rss;
@@ -75,6 +108,7 @@ struct aq_hw_cfg_s {
 	uint32_t flow_control;
 
 	struct aq_rss_parameters aq_rss;
+	struct aq_macsec_config aq_macsec;
 };
 
 struct aq_hw_s {
@@ -143,6 +177,9 @@ struct aq_fw_ops {
 	int (*set_eeprom)(struct aq_hw_s *self, int dev_addr,
 			  u32 *data, u32 len);
 
+	int (*send_macsec_req)(struct aq_hw_s *self,
+			       struct macsec_msg_fw_request *req,
+			       struct macsec_msg_fw_response *response);
 };
 
 struct atl_sw_stats {
diff --git a/drivers/net/atlantic/hw_atl/hw_atl_utils.h b/drivers/net/atlantic/hw_atl/hw_atl_utils.h
index f2a87826c0d1..b7c531573623 100644
--- a/drivers/net/atlantic/hw_atl/hw_atl_utils.h
+++ b/drivers/net/atlantic/hw_atl/hw_atl_utils.h
@@ -351,6 +351,154 @@ struct smbus_write_request {
 	u32 length;
 } __attribute__((__packed__));
 
+enum macsec_msg_type {
+	macsec_cfg_msg = 0,
+	macsec_add_rx_sc_msg,
+	macsec_add_tx_sc_msg,
+	macsec_add_rx_sa_msg,
+	macsec_add_tx_sa_msg,
+	macsec_get_stats_msg,
+};
+
+struct macsec_cfg {
+	uint32_t enabled;
+	uint32_t egress_threshold;
+	uint32_t ingress_threshold;
+	uint32_t interrupts_enabled;
+} __attribute__((__packed__));
+
+struct add_rx_sc {
+	uint32_t index;
+	uint32_t pi; /* Port identifier */
+	uint32_t sci[2]; /* Secure Channel identifier */
+	uint32_t sci_mask; /* 1: enable comparison of SCI, 0: don't care */
+	uint32_t tci;
+	uint32_t tci_mask;
+	uint32_t mac_sa[2];
+	uint32_t sa_mask; /* 0: ignore mac_sa */
+	uint32_t mac_da[2];
+	uint32_t da_mask; /* 0: ignore mac_da */
+	uint32_t validate_frames; /* 0: strict, 1:check, 2:disabled */
+	uint32_t replay_protect; /* 1: enabled, 0:disabled */
+	uint32_t anti_replay_window; /* default 0 */
+	/* 1: auto_rollover enabled (when SA next_pn is saturated */
+	uint32_t an_rol;
+} __attribute__((__packed__));
+
+struct add_tx_sc {
+	uint32_t index;
+	uint32_t pi; /* Port identifier */
+	uint32_t sci[2]; /* Secure Channel identifier */
+	uint32_t sci_mask; /* 1: enable comparison of SCI, 0: don't care */
+	uint32_t tci; /* TCI value, used if packet is not explicitly tagged */
+	uint32_t tci_mask;
+	uint32_t mac_sa[2];
+	uint32_t sa_mask; /* 0: ignore mac_sa */
+	uint32_t mac_da[2];
+	uint32_t da_mask; /* 0: ignore mac_da */
+	uint32_t protect;
+	uint32_t curr_an; /* SA index which currently used */
+} __attribute__((__packed__));
+
+struct add_rx_sa {
+	uint32_t index;
+	uint32_t next_pn;
+	uint32_t key[4]; /* 128 bit key */
+} __attribute__((__packed__));
+
+struct add_tx_sa {
+	uint32_t index;
+	uint32_t next_pn;
+	uint32_t key[4]; /* 128 bit key */
+} __attribute__((__packed__));
+
+struct get_stats {
+	uint32_t version_only;
+	uint32_t ingress_sa_index;
+	uint32_t egress_sa_index;
+	uint32_t egress_sc_index;
+} __attribute__((__packed__));
+
+struct macsec_stats {
+	uint32_t api_version;
+	/* Ingress Common Counters */
+	uint64_t in_ctl_pkts;
+	uint64_t in_tagged_miss_pkts;
+	uint64_t in_untagged_miss_pkts;
+	uint64_t in_notag_pkts;
+	uint64_t in_untagged_pkts;
+	uint64_t in_bad_tag_pkts;
+	uint64_t in_no_sci_pkts;
+	uint64_t in_unknown_sci_pkts;
+	uint64_t in_ctrl_prt_pass_pkts;
+	uint64_t in_unctrl_prt_pass_pkts;
+	uint64_t in_ctrl_prt_fail_pkts;
+	uint64_t in_unctrl_prt_fail_pkts;
+	uint64_t in_too_long_pkts;
+	uint64_t in_igpoc_ctl_pkts;
+	uint64_t in_ecc_error_pkts;
+	uint64_t in_unctrl_hit_drop_redir;
+
+	/* Egress Common Counters */
+	uint64_t out_ctl_pkts;
+	uint64_t out_unknown_sa_pkts;
+	uint64_t out_untagged_pkts;
+	uint64_t out_too_long;
+	uint64_t out_ecc_error_pkts;
+	uint64_t out_unctrl_hit_drop_redir;
+
+	/* Ingress SA Counters */
+	uint64_t in_untagged_hit_pkts;
+	uint64_t in_ctrl_hit_drop_redir_pkts;
+	uint64_t in_not_using_sa;
+	uint64_t in_unused_sa;
+	uint64_t in_not_valid_pkts;
+	uint64_t in_invalid_pkts;
+	uint64_t in_ok_pkts;
+	uint64_t in_late_pkts;
+	uint64_t in_delayed_pkts;
+	uint64_t in_unchecked_pkts;
+	uint64_t in_validated_octets;
+	uint64_t in_decrypted_octets;
+
+	/* Egress SA Counters */
+	uint64_t out_sa_hit_drop_redirect;
+	uint64_t out_sa_protected2_pkts;
+	uint64_t out_sa_protected_pkts;
+	uint64_t out_sa_encrypted_pkts;
+
+	/* Egress SC Counters */
+	uint64_t out_sc_protected_pkts;
+	uint64_t out_sc_encrypted_pkts;
+	uint64_t out_sc_protected_octets;
+	uint64_t out_sc_encrypted_octets;
+
+	/* SA Counters expiration info */
+	uint32_t egress_threshold_expired;
+	uint32_t ingress_threshold_expired;
+	uint32_t egress_expired;
+	uint32_t ingress_expired;
+} __attribute__((__packed__));
+
+struct macsec_msg_fw_request {
+	uint32_t offset; /* not used */
+	uint32_t msg_type;
+
+	union {
+		struct macsec_cfg cfg;
+		struct add_rx_sc rxsc;
+		struct add_tx_sc txsc;
+		struct add_rx_sa rxsa;
+		struct add_tx_sa txsa;
+		struct get_stats stats;
+	};
+} __attribute__((__packed__));
+
+struct macsec_msg_fw_response {
+	uint32_t result;
+	struct macsec_stats stats;
+} __attribute__((__packed__));
+
 #define HAL_ATLANTIC_UTILS_CHIP_MIPS         0x00000001U
 #define HAL_ATLANTIC_UTILS_CHIP_TPO2         0x00000002U
 #define HAL_ATLANTIC_UTILS_CHIP_RPF2         0x00000004U
-- 
2.17.1


  parent reply	other threads:[~2019-04-18 11:39 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-04-18 11:39 [dpdk-dev] [PATCH v3 0/6] add MACSEC hw offload to atlantic PMD Igor Russkikh
2019-04-18 11:39 ` Igor Russkikh
2019-04-18 11:39 ` Igor Russkikh [this message]
2019-04-18 11:39   ` [dpdk-dev] [PATCH v3 1/6] net/atlantic: macsec hardware structures declaration Igor Russkikh
2019-04-18 11:39 ` [dpdk-dev] [PATCH v3 2/6] net/atlantic: enable macsec configuration Igor Russkikh
2019-04-18 11:39   ` Igor Russkikh
2019-04-18 11:39 ` [dpdk-dev] [PATCH v3 3/6] net/atlantic: macsec firmware interface Igor Russkikh
2019-04-18 11:39   ` Igor Russkikh
2019-04-18 11:39 ` [dpdk-dev] [PATCH v3 4/6] net/atlantic: interrupt handling and macsec configuration Igor Russkikh
2019-04-18 11:39   ` Igor Russkikh
2019-04-18 11:40 ` [dpdk-dev] [PATCH v3 5/6] net/atlantic: implement macsec statistics Igor Russkikh
2019-04-18 11:40   ` Igor Russkikh
2019-04-18 11:40 ` [dpdk-dev] [PATCH v3 6/6] net/atlantic: bump internal driver version Igor Russkikh
2019-04-18 11:40   ` Igor Russkikh
2019-04-18 11:56 ` [dpdk-dev] [PATCH v3 0/6] add MACSEC hw offload to atlantic PMD Ferruh Yigit
2019-04-18 11:56   ` Ferruh Yigit
2019-04-18 12:27   ` Igor Russkikh
2019-04-18 12:27     ` Igor Russkikh
2019-04-18 14:28 ` Ferruh Yigit
2019-04-18 14:28   ` Ferruh Yigit

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=85a9511657c50db1d9767bcd73022f7092cad0a5.1555587238.git.igor.russkikh@aquantia.com \
    --to=igor.russkikh@aquantia.com \
    --cc=Pavel.Belous@aquantia.com \
    --cc=arybchenko@solarflare.com \
    --cc=dev@dpdk.org \
    --cc=ferruh.yigit@intel.com \
    --cc=konstantin.ananyev@intel.com \
    --cc=thomas@monjalon.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).